Managing access to the Zendesk API (2024)


Anton de Young


Users can access the Zendesk API using any of three authentication methods. First, they can use their Zendesk password. This is known as basic authentication. Second, they can use an auto-generated password called an API token. Third, they can use an OAuth access token, which is different than an API token.

All three authentication methods are disabled by default in new accounts. This article explains how to enable and disable each method to manage how users access the Zendesk API.

  • Managing password access to the API
  • Managing API token access to the API
  • Managing OAuth token access to the API

To use any of these authentication methods in API requests, see Security and authentication on developer.zendesk.com.
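How the three methods differ in the Authorization header, as an added Python example (not code from this article or from developer.zendesk.com). It assumes the documented forms: basic authentication with email:password, basic authentication with email/token:api_token, and a Bearer header for OAuth access tokens. The function names auth_header and classify and all sample credentials are constructed for illustration.

```python
import base64
import binascii

def basic(username: str, secret: str) -> str:
    """Basic credentials: base64 of "username:secret"."""
    raw = f"{username}:{secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def auth_header(method: str, secret: str, email: str = "") -> str:
    """Authorization header value for one of the three methods."""
    if not secret:
        raise ValueError("empty secret")
    if method == "oauth":
        return f"Bearer {secret}"          # OAuth access token
    if not email:
        raise ValueError("email is required for basic authentication")
    if method == "password":
        return basic(email, secret)        # email:password
    if method == "api_token":
        return basic(f"{email}/token", secret)  # email/token:api_token
    raise ValueError(f"unknown method: {method}")

def classify(header: str) -> dict:
    """Name the method and principal behind a header; never return the secret."""
    scheme, _, value = header.strip().partition(" ")
    if scheme.lower() == "bearer" and value:
        return {"method": "oauth", "principal": None}
    if scheme.lower() != "basic":
        return {"method": "malformed", "principal": None}
    try:
        decoded = base64.b64decode(value, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return {"method": "malformed", "principal": None}
    user, sep, secret = decoded.partition(":")
    if not sep or not secret:              # e.g. "email/token" with no ":secret"
        return {"method": "malformed", "principal": user}
    if user.endswith("/token"):
        return {"method": "api_token", "principal": user[: -len("/token")]}
    return {"method": "password", "principal": user}

if __name__ == "__main__":
    # Constructed sample credentials, not real ones.
    samples = [("password", "constructed-password"),
               ("api_token", "CONSTRUCTED_API_TOKEN"),
               ("oauth", "CONSTRUCTED_ACCESS_TOKEN")]
    for method, secret in samples:
        print(method, classify(auth_header(method, secret, "agent@example.com")))
```

Running classify over the headers an integration sends shows which method it depends on before you disable password or token access in Admin Center.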

For information on using the Zendesk API, see the following pages:

Managing password access to the API

Users can use their Zendesk password to authenticate API requests. Only verified users can make API requests with their password.

Password access to the API is disabled by default in new accounts. You must enable password access in Admin Center before users can use their password.

To enable or disable password access

  1. In Admin Center, click Apps and integrations in the sidebar, then select APIs > Zendesk API.
  2. In the Settings tab, enable or disable password access.

To authenticate API requests with Zendesk passwords, see Basic authentication on developer.zendesk.com.

Managing API token access to the API

Users can use an API token to authenticate API requests. API tokens are auto-generated passwords that you can use with your username to authenticate API requests. They can also be used as part of two-factor authentication for integrations. Each API token can be used by any verified user on the account and isn't associated with a specific user. More than one token can be active at the same time.

API tokens are not the same as OAuth access tokens. See Differences between API tokens and access tokens on developer.zendesk.com.

This section includes the following topics:

  • Enabling API token access
  • Generating API tokens
  • Deleting an API token

To use an API token to authenticate API requests, see API token on developer.zendesk.com.

Enabling API token access

API token access is disabled by default. You must enable API token access in Admin Center before users can use API tokens.

To enable API token access

  1. In Admin Center, click Apps and integrations in the sidebar, then select APIs > Zendesk API.
  2. In the Settings tab, enable token access.

Generating API tokens

To generate an API token, you must be an administrator and API token access must be enabled in your account.

To generate an API token

  1. In Admin Center, click Apps and integrations in the sidebar, then select APIs > Zendesk API.
  2. Click the Add API token button to the right of Active API tokens.

    The token is generated and displayed.


  3. (Optional) Enter an API token description.
  4. Copy the token and paste it somewhere secure. When you click Save to close this window, the full token will never be displayed again.
  5. Click Save to return to the Zendesk API page.

    If you click the token to reopen it, a truncated version of the token is displayed.


Deleting an API token

An API token is like a password: any verified user on the account or anyone with their email address can use it to authenticate API requests. If you become aware that an API token has been compromised, delete it immediately. Deleting a token deactivates it permanently.

To delete an API token

  1. In Admin Center, click Apps and integrations in the sidebar, then select APIs > Zendesk API.
  2. Select the token in the list, then click Delete on the right side.

Managing OAuth token access to the API

You can use OAuth access tokens to authenticate API requests. OAuth provides a secure way for applications to access Zendesk data without having to store and use Zendesk passwords or API tokens, which are sensitive information.

You can't create OAuth access tokens directly in Admin Center like API tokens. You must first create an OAuth client in Admin Center, then use the OAuth client in a defined OAuth authorization flow to create an OAuth access token.

OAuth access tokens are not the same as API tokens. See Differences between API tokens and access tokens on developer.zendesk.com.

This section covers the following topics:

  • Creating OAuth clients
  • Creating access tokens with an OAuth client
  • Deleting OAuth clients and tokens

To authenticate API requests with OAuth access tokens, see OAuth access token on developer.zendesk.com.

Creating OAuth clients

OAuth clients let you create OAuth access tokens that can be used to authenticate API requests. OAuth access tokens differ from API tokens. OAuth access tokens provide a secure way for applications to access the Zendesk API without having to store and use the passwords of your Zendesk users.

To create OAuth clients

  1. In Admin Center, click Apps and integrations in the sidebar, then select APIs > Zendesk API.
  2. Select the OAuth Clients tab.
  3. To create a client, click the Add OAuth client button and follow the instructions in Registering your application with Zendesk.
  4. To delete a client, select the client in the list, then click Delete on the right side.

Next, use the OAuth client to create one or more OAuth access tokens.

Creating access tokens with an OAuth client

After creating an OAuth client in Admin Center, you can use it with a defined authorization flow to create OAuth access tokens. You can use different OAuth authorization flows. For the options, see Implementing an OAuth authorization flow in your application.

You can also use the OAuth client with the API to create access tokens without an authorization flow. You can use a password or an API token to authenticate these API requests. See Creating and using OAuth access tokens with the API on developer.zendesk.com.

Deleting OAuth clients and tokens

You can delete an OAuth client to deactivate all the access tokens created with the client. You can also revoke individual access tokens.

To delete an OAuth client

  1. In Admin Center, click Apps and integrations in the sidebar, then select APIs > Zendesk API.
  2. Select the OAuth Clients tab.
  3. Select the client in the list, then click Delete on the right side.

To revoke a specific access token


  • Xometry Zendesk Integrations

    Hello, we recently had to set up a new token and it doesn't appear to be working when we try to use it in our Okta instance. Is anyone else experiencing this issue?

  • Russell Chee

    Zendesk Customer Care

    Hey there,
    Thanks for reaching out on our community post about your issue with the API Token and your Okta instance. In this situation, what I will be doing is creating a ticket so that we can work on this together internally and see what could be going on. Speak to you soon!

    Russell Chee | Senior Customer Advocacy Specialist | Melbourne, Australia

  • Gokcem Kaplan

    Hi,

    Is there any way that I can generate an API key with restricted access? I want to write an app and add private comments to tickets; with the API key from the customer I would have full access to customer data. I only want to add comments.

  • Philip Larner

    Yeah, would be good to know API token with restricted access

  • Shawn Oudavanh

    Not sure if there is a documented way but I was able to do this. So after you create the API token under the user you want, you can downgrade the user's role to your custom role. Granted your account has access to create custom roles. The APIs should be restricted based on what is defined in that role.

  • Zendesk Admin

    I agree, would be good to know API token with restricted access

  • Andres Valdes

    Hello,

    I am logging into Admin Center using an admin account. When I go to Apps and Integrations I don't see the APIs link, but just Salesforce, Event Connector for Amazon EventBridge, Shopify and Slack.

    Is it because I need to set up something before reaching Apps and Integrations? Do I need special permissions?

    Thank you very much for any pointers you can give me

    Andres

  • Dane

    Zendesk Engineering

    Hi Andres,

    You will need to make sure that your role is indeed an Admin once you go to your profile in Admin Center.

    There's currently no permission restriction if you are indeed an Admin. If the same issue persists, please contact our support directly.

  • Sean Gustilo

    I'm following the directions here to back up our KB using the Help Center API.

    Our Zendesk requires SSO via Okta to log in, so I've created an API token and placed the following into the script:

    credentials = 'your_email@domain.com/token'

    but receive error 401.

    Is there another way to format the credentials with the script?

  • user1005

    Hi,

    I'm setting up an integration for a customer and there's one question about API Token generation. In the past, if the user that generated the API Token was deleted, the API Token became invalid and another one needed to be generated.

    Is this still valid, or can we generate the API Token and, after the setup is completed, delete the user with no impact on the token usage?

    Massashi Yasunaga

  • Noly Maron Unson

    Zendesk Customer Care

    Hi Dev,

    Deleting the user who created the API token will not affect the already created token. The token should still be available to use.

    Hope this helps.

  • Ashwin ck

    Hi,

    If I create a new token and try to create a ticket, I get this error

    {"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed or invalid for other reasons."}

  • RAHUL SIDDU

    Hi,
    Is it possible to generate a new API token through the API, using a Zendesk access token?

  • Joyce

    Zendesk Customer Care

    Hello Rahul,

    Generating an API token can be done within Apps and integrations > APIs > Zendesk API in the Admin Center. Only the OAuth access tokens can be created via API. You can check this article for more information: Creating and using OAuth access tokens with the API

  • Jed Hollander

    Was this ever answered?

    I agree, would be good to know API token with restricted access

    I want to give someone API Access to work on an integration but I do not want them to have access to reporting. Is this possible?

    Thanks.

  • Ivan Miquiabas

    Zendesk Customer Care

    Hi Jed,

    Thanks for reaching out!

    While we do know that having access to API can only be by an administrator as per this article, you can actually restrict them on Explore access via the Custom roles, so that even though users have access to API, you still do have control on accessing certain reports in your Zendesk account.


    Hope that helps!

  • Jed Hollander

    Ivan Miquiabas thank you for confirming.


The article revolves around Zendesk Help Support and the utilization of the Support ticketing system, with a specific focus on security and user access. Anton de Young edited the article on July 24, 2023, at 16:12.

Authentication Methods in Zendesk API: Users can access the Zendesk API through three authentication methods: Zendesk password (basic authentication), API token, and OAuth access token. All three methods are disabled by default in new accounts, and the article explains how to enable or disable each method to manage user access.

Managing Password Access to the API:

  • Users can authenticate API requests using their Zendesk password.
  • Password access is disabled by default in new accounts and must be enabled or disabled in the Admin Center under "Apps and integrations" > "APIs" > "Zendesk API."
  • Detailed instructions on enabling or disabling password access are provided in the article.

Managing API Token Access to the API:

  • Users can utilize API tokens as auto-generated passwords for API requests.
  • API token access is disabled by default and needs to be enabled in the Admin Center.
  • The article covers topics such as enabling API token access, generating API tokens, and deleting API tokens.

Managing OAuth Token Access to the API:

  • OAuth access tokens provide a secure way for applications to access Zendesk data without storing passwords or API tokens.
  • Creating OAuth clients, generating access tokens, and deleting OAuth clients and tokens are explained.
  • OAuth access tokens differ from API tokens, and the article highlights the differences.

User Queries and Zendesk Community Interactions: The article includes interactions from Zendesk users seeking assistance and guidance on various topics, such as setting up API tokens, restricted API access, troubleshooting token-related issues, and generating tokens through APIs.

Noteworthy User Interactions:

  • A user inquired about generating an API key with restricted access.
  • Another user successfully restricted API access by customizing roles.
  • Users asked about issues with API tokens and Okta integration.
  • Questions were raised regarding the impact of deleting a user on API token usage.

Expert Responses:

  • Zendesk experts provided solutions, guidance, and clarification on user queries.
  • Responses included information on creating OAuth clients, restricting API access, troubleshooting errors, and managing access tokens.


Article information

Author: Velia Krajcik
